package top.azusall.securitydemo.controller;


import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import top.azusall.common.entity.R;
import top.azusall.securitydemo.service.UserService;


/**
 * @author houmo
 */
@Slf4j
@RestController
public class SecurityController {


    @Resource
    private UserService userService;

    @RequestMapping("/login")
    public R login(@RequestParam String username, @RequestParam String password) {
        return userService.login(username, password);
    }


    @PreAuthorize("hasRole('USER') && hasAuthority('write')")
    @RequestMapping("/demo/test")
    public String test() {
        return "test success";
    }
}
